1. 19 Jan, 2017 2 commits
    • Andres AG's avatar
      Add DTLS test to check 6 byte record ctr is cmp · 692ad84e
      Andres AG authored
      Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
      is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
      the TLS case. Because currently there are no testing facilities to check
      that renegotiation routines are triggered after X number of input/output
      messages, the test consists on setting a renegotiation period that
      cannot be represented in 6 bytes, but whose least-significant byte is 2.
      If the library behaves correctly, the renegotiation routines will be
      executed after two exchanged.
      692ad84e
    • Andres AG's avatar
      Fix renegotiation at incorrect times in DTLS · 18c5c59b
      Andres AG authored
      Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
      64 bits of record counter instead of 48 bits as described in RFC 6347
      Section 4.3.1. This would cause the function's return value to be
      occasionally incorrect and the renegotiation routines to be triggered
      at unexpected times.
      18c5c59b
  2. 13 Dec, 2016 2 commits
  3. 17 Nov, 2016 2 commits
  4. 16 Nov, 2016 1 commit
  5. 10 Nov, 2016 3 commits
  6. 06 Nov, 2016 1 commit
    • Brian J Murray's avatar
      Clarify Comments and Fix Typos (#651) · 2adecba0
      Brian J Murray authored
      Fixes many typos, and errors in comments.
      
      * Clarifies many comments
      * Grammar correction in config.pl help text
      * Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE.
      * Comment typo fix (Dont => Don't)
      * Comment typo fix (assure => ensure)
      * Comment typo fix (byes => bytes)
      * Added citation for quoted standard
      * Comment typo fix (one complement => 1's complement)
      
      The is some debate about whether to prefer "one's complement",  "ones'
      complement", or "1's complement".  The more recent RFCs related to TLS
      (RFC 6347,  RFC 4347, etc) use " 1's complement", so I followed that
      convention.
      
      * Added missing ")" in comment
      * Comment alignment
      * Incorrect comment after #endif
      2adecba0
  7. 04 Nov, 2016 2 commits
  8. 16 Oct, 2016 4 commits
  9. 15 Oct, 2016 1 commit
  10. 14 Oct, 2016 1 commit
  11. 13 Oct, 2016 21 commits